In this article I will add the Trusted Root certificate in vCenter Certificate store. Basically this will help to use your Certificate Authority root chain certificate (CA server) or third party certificates in your VMware vSphere infrastructure, If you are intending to use a trusted root certificate.
Here I will be using my CA certificate chain in my environment. I am on my CA server portal (Microsoft Active Directory Certificate services http://YourCAServer/certsrv). Click on the Download a CA certificate, certificate chain or CRL url.
On the next page, Click download CA certificate link.
Now I have a Root CA certificate downloaded from my Certificate authority. On the VMware vSphere Client, click 3 horizontal bars at Top - left side, Go to Administration. Expand Certificates and choose Certificate Management. In the Trusted Root Certificates box click ADD link. Check the box for Start Root certificate push to vCenter Hosts (ESXi servers). Next Click Certificate Chain BROWSE button and select downloaded Root CA certificate (You can use CER, PEM or CRT file extension types). Open it and upload the certificate.
You will see a new box for added/uploaded in-house Root CA certificate or third party certificate. By clicking view details check the details information of Certificate.
Useful Articles
How to import default vCenter server appliance VMCA root certificate and refresh CA certificate on ESXi
How to replace default vCenter VMCA certificate with Microsoft CA signed certificate
Managing ESXi SSL certificate properties from vCenter server
Forward vCenter Server Appliance logs to syslog server
Connect-VIServer Error: Invalid server certificate. Use Set-PowerCLIConfiguration
VMware vcenter 7.0 A problem occurred during setup Services might not be working as expected 63%
VMware UMDS curl_easy_perform() failed: cURL Error: SSL peer certificate or SSH remote key was not OK, SSL certificate problem: unable to get local issuer certificate